package me.boot.web.security.cors.properties;

import cn.hutool.core.collection.CollUtil;
import lombok.Data;
import me.boot.web.security.properties.SecurityProperties;
import org.springframework.boot.context.properties.ConfigurationProperties;

import java.time.Duration;
import java.util.List;

@Data
@ConfigurationProperties(prefix = SecurityProperties.PREFIX + "." + CorsProperties.PREFIX)
public class CorsProperties {
    public static final String PREFIX = "cors";

    /**
     * 开启跨域检查
     */
    private boolean enabled = true;
    /**
     * 是否允许请求带有验证信息
     */
    private boolean allowCredentials = true;
    /**
     * 允许访问的客户端域名
     */
    private List<String> allowedOrigins = CollUtil.newArrayList("*");
    /**
     * 允许服务端访问的客户端请求头
     */
    private List<String> allowedHeaders = CollUtil.newArrayList("*");
    /**
     * 允许服务端访问的客户端请求方法
     */
    private List<String> allowedMethods = CollUtil.newArrayList("*");
    /**
     * 从跨域的服务器端返回的响应头部信息
     */
    private List<String> exposedHeaders = CollUtil.newArrayList("*");
    /**
     * 持续有效时间，持续期间内不再预检
     */
    private Duration maxAge = Duration.ofDays(1);
}
